Jump to content

paperclip

Members
  • Posts

    6
  • Joined

  • Last visited

Everything posted by paperclip

  1. Hey, I decided to go ahead and reinstall Windows in an attempt to fix some other problems I had. I'm assuming my computer is clean now, so I won't be needing your help anymore. Thanks for your help!
  2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.4 (08.22.2013:1) OS: Windows 7 Home Premium x64 Ran by Shu on 23/08/2013 at 20:52:11.85 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Shu\AppData\Roaming\mozilla\firefox\profiles\qa1rbie7.default\minidumps [1 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 23/08/2013 at 21:15:33.45 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v3.000 - Report created 23/08/2013 at 21:17:23 # Updated 20/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Shu - SHU-PC # Running from : C:\Users\Shu\Desktop\Downloads\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16502 -\\ Mozilla Firefox v23.0.1 (en-US) [ File : C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\prefs.js ] ************************* AdwCleaner[R0].txt - [940 octets] - [22/08/2013 17:21:51] AdwCleaner[R1].txt - [893 octets] - [23/08/2013 21:15:55] AdwCleaner[s0].txt - [1004 octets] - [22/08/2013 17:22:47] AdwCleaner[s1].txt - [815 octets] - [23/08/2013 21:17:23] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [874 octets] ##########
  3. Hi, Well, I rarely actually have symptoms of viruses on my computer apart from detection by antivirus software. The problem is that I delete them and then the scans are clean for a while, then I run the same scan and adware is detected again. I don't think they're new infections either, because the names are the same.
  4. OTL logfile created on: 22/08/2013 23:28:19 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shu\Desktop\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.90 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 34.22% Memory free 7.79 Gb Paging File | 4.79 Gb Available in Paging File | 61.46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 162.68 Gb Total Space | 111.70 Gb Free Space | 68.66% Space Free | Partition Type: NTFS Drive D: | 283.51 Gb Total Space | 69.58 Gb Free Space | 24.54% Space Free | Partition Type: NTFS Computer Name: SHU-PC | User Name: Shu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/08/22 23:27:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shu\Desktop\Downloads\OTL.exe PRC - [2013/08/17 01:21:24 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/07/15 20:33:10 | 000,436,800 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe PRC - [2013/06/05 01:39:13 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2013/06/05 01:39:10 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/05/09 09:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013/05/09 09:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013/02/13 05:45:28 | 000,060,216 | ---- | M] (The Pidgin developer community) -- C:\Program Files (x86)\Pidgin\pidgin.exe PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE PRC - [2012/05/30 20:55:26 | 001,112,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe PRC - [2012/05/02 08:03:44 | 002,279,304 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe PRC - [2012/04/25 13:18:10 | 000,784,264 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe PRC - [2012/01/31 15:56:48 | 001,640,328 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe PRC - [2012/01/17 14:01:10 | 002,810,448 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe PRC - [2011/12/08 07:23:42 | 003,398,736 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe PRC - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe PRC - [2011/09/08 19:43:02 | 004,449,360 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe PRC - [2011/08/17 08:19:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2011/07/06 08:24:24 | 000,184,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe ========== Modules (No Company Name) ========== MOD - [2013/08/17 01:21:23 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013/07/15 18:29:04 | 000,620,718 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll MOD - [2013/06/08 18:46:12 | 000,090,496 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll MOD - [2013/06/08 18:46:11 | 000,904,525 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll MOD - [2013/06/08 18:46:11 | 000,279,059 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll MOD - [2013/06/08 18:46:11 | 000,216,992 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll MOD - [2013/06/08 18:46:11 | 000,177,586 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll MOD - [2013/06/08 18:46:11 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll MOD - [2013/06/08 18:46:10 | 000,553,382 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll MOD - [2013/02/13 05:45:08 | 000,069,575 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\spellchk.dll MOD - [2013/02/13 05:45:08 | 000,044,494 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll MOD - [2013/02/13 05:45:08 | 000,037,191 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll MOD - [2013/02/13 05:45:08 | 000,032,020 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\ticker.dll MOD - [2013/02/13 05:45:08 | 000,030,771 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\winprefs.dll MOD - [2013/02/13 05:45:08 | 000,030,353 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\themeedit.dll MOD - [2013/02/13 05:45:08 | 000,029,791 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll MOD - [2013/02/13 05:45:08 | 000,029,256 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll MOD - [2013/02/13 05:45:08 | 000,027,811 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll MOD - [2013/02/13 05:45:08 | 000,023,305 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll MOD - [2013/02/13 05:45:08 | 000,018,399 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\timestamp.dll MOD - [2013/02/13 05:45:08 | 000,015,978 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\statenotify.dll MOD - [2013/02/13 05:45:08 | 000,015,429 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\relnot.dll MOD - [2013/02/13 05:45:08 | 000,015,380 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\psychic.dll MOD - [2013/02/13 05:45:08 | 000,015,045 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll MOD - [2013/02/13 05:45:08 | 000,012,004 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\ssl.dll MOD - [2013/02/13 05:45:06 | 000,415,553 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libjabber.dll MOD - [2013/02/13 05:45:06 | 000,373,657 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libmsn.dll MOD - [2013/02/13 05:45:06 | 000,310,491 | ---- | M] () -- C:\Program Files (x86)\Pidgin\liboscar.dll MOD - [2013/02/13 05:45:06 | 000,228,908 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libymsg.dll MOD - [2013/02/13 05:45:06 | 000,209,619 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libgg.dll MOD - [2013/02/13 05:45:06 | 000,171,090 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libsilc.dll MOD - [2013/02/13 05:45:06 | 000,149,933 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libmxit.dll MOD - [2013/02/13 05:45:06 | 000,123,540 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libnovell.dll MOD - [2013/02/13 05:45:06 | 000,116,583 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libsametime.dll MOD - [2013/02/13 05:45:06 | 000,106,670 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll MOD - [2013/02/13 05:45:06 | 000,105,620 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libirc.dll MOD - [2013/02/13 05:45:06 | 000,092,874 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll MOD - [2013/02/13 05:45:06 | 000,055,758 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libsimple.dll MOD - [2013/02/13 05:45:06 | 000,047,391 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\log_reader.dll MOD - [2013/02/13 05:45:06 | 000,029,225 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\notify.dll MOD - [2013/02/13 05:45:06 | 000,024,924 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\convcolors.dll MOD - [2013/02/13 05:45:06 | 000,022,832 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll MOD - [2013/02/13 05:45:06 | 000,021,795 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\markerline.dll MOD - [2013/02/13 05:45:06 | 000,021,337 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll MOD - [2013/02/13 05:45:06 | 000,020,997 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll MOD - [2013/02/13 05:45:06 | 000,019,793 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll MOD - [2013/02/13 05:45:06 | 000,019,043 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\idle.dll MOD - [2013/02/13 05:45:06 | 000,018,882 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\history.dll MOD - [2013/02/13 05:45:06 | 000,018,555 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\joinpart.dll MOD - [2013/02/13 05:45:06 | 000,017,023 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll MOD - [2013/02/13 05:45:06 | 000,016,005 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libicq.dll MOD - [2013/02/13 05:45:06 | 000,015,702 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\extplacement.dll MOD - [2013/02/13 05:45:06 | 000,015,074 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libaim.dll MOD - [2013/02/13 05:45:06 | 000,014,147 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll MOD - [2013/02/13 05:45:06 | 000,013,456 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\newline.dll MOD - [2013/02/13 05:45:06 | 000,013,253 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\buddynote.dll MOD - [2013/02/13 05:45:06 | 000,012,865 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\iconaway.dll MOD - [2013/02/13 05:44:56 | 000,671,031 | ---- | M] () -- C:\Program Files (x86)\Pidgin\exchndl.dll MOD - [2013/02/13 05:44:56 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libssp-0.dll MOD - [2013/02/13 05:44:54 | 000,475,580 | ---- | M] () -- C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll MOD - [2013/02/13 05:44:00 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sqlite3.dll MOD - [2013/02/13 05:43:54 | 002,097,721 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll MOD - [2013/02/13 05:43:54 | 000,818,985 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll MOD - [2013/02/13 05:43:54 | 000,152,852 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll MOD - [2013/02/13 05:43:46 | 001,274,655 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libxml2-2.dll MOD - [2013/02/13 05:43:46 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libsasl.dll MOD - [2013/02/13 05:43:46 | 000,140,288 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll MOD - [2013/02/13 05:43:46 | 000,115,712 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll MOD - [2013/02/13 05:43:46 | 000,102,912 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll MOD - [2013/02/13 05:43:46 | 000,102,912 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll MOD - [2013/02/13 05:43:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll MOD - [2012/01/16 16:50:06 | 000,755,280 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll MOD - [2011/09/08 19:40:10 | 001,645,056 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll MOD - [2011/02/17 01:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll MOD - [2006/08/12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2013/05/09 09:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2013/04/18 18:15:18 | 003,388,144 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV:64bit: - [2013/04/18 18:14:58 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2013/04/18 18:14:46 | 000,621,296 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2013/04/18 18:14:20 | 000,149,744 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2013/04/11 02:12:50 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:64bit: - [2012/09/12 18:07:06 | 000,135,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV:64bit: - [2012/03/30 12:54:10 | 000,079,664 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe -- (ExpressCache) SRV:64bit: - [2010/09/22 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2013/08/17 01:21:23 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/06/05 01:39:13 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2013/06/05 01:39:10 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate) SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc) SRV - [2011/10/18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2011/10/18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2011/10/18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) SRV - [2011/07/06 08:24:24 | 000,184,320 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv) SRV - [2010/12/17 05:18:38 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007/11/28 02:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2007/11/28 02:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2007/11/28 01:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV) SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/06/30 17:11:15 | 000,019,456 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETMD760.sys -- (NETMD760) DRV:64bit: - [2013/06/27 21:44:31 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2013/06/27 21:44:31 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2013/06/27 21:44:31 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2013/06/05 01:40:09 | 000,293,712 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2013/05/09 09:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2013/05/09 09:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2013/05/09 09:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2013/05/09 09:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013/05/09 09:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2013/04/18 07:31:40 | 011,524,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64) DRV:64bit: - [2013/04/11 02:13:08 | 000,164,832 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2013/04/11 02:13:08 | 000,164,832 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2013/01/28 17:48:16 | 000,194,456 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xHCIPort.sys -- (XHCIPort) DRV:64bit: - [2013/01/28 17:48:16 | 000,048,024 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb3Hub.sys -- (usb3Hub) DRV:64bit: - [2013/01/28 17:48:16 | 000,035,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2013/01/28 17:48:16 | 000,025,528 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/03/30 12:54:16 | 000,095,024 | ---- | M] (Diskeeper Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\excsd.sys -- (excsd) DRV:64bit: - [2012/03/30 12:54:16 | 000,023,344 | ---- | M] (Diskeeper Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\excfs.sys -- (excfs) DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/01/10 06:28:16 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/10/11 13:08:00 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:64bit: - [2011/10/10 16:43:16 | 000,288,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2011/08/29 16:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2011/08/22 21:12:56 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011/08/17 08:19:38 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011/06/15 21:50:08 | 000,026,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irstrtdv.sys -- (irstrtdv) DRV:64bit: - [2011/06/02 02:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2011/06/02 02:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2011/05/17 07:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/04/11 11:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv) DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/18 00:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/12/17 05:18:38 | 000,019,504 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt) DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009/07/14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/28 07:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI) DRV:64bit: - [2006/10/18 02:00:00 | 000,052,760 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1328410469-2961649627-3447246624-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com IE - HKU\S-1-5-21-1328410469-2961649627-3447246624-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1328410469-2961649627-3447246624-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1328410469-2961649627-3447246624-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.openintab: true FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/ig" FF - prefs.js..extensions.enabledAddons: %7B99B98C2C-7274-45a3-A640-D9DF1A1C8460%7D:1.4 FF - prefs.js..extensions.enabledAddons: %7B8b86149f-01fb-4842-9dd8-4d7eb02fd055%7D:0.26 FF - prefs.js..extensions.enabledAddons: foobar%40unnecessarilylongurl.com:2.0.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/06/08 18:41:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/06/30 17:09:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shu\AppData\Roaming\Mozilla\Extensions [2013/07/31 02:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\extensions [2013/06/08 18:42:48 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2013/07/10 02:05:35 | 000,041,010 | ---- | M] () (No name found) -- C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\extensions\foobar@unnecessarilylongurl.com.xpi [2013/06/08 18:41:46 | 000,001,804 | ---- | M] () (No name found) -- C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\extensions\superstop@gavinsharp.com.xpi [2013/06/08 18:42:48 | 000,030,926 | ---- | M] () (No name found) -- C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2013/07/31 02:48:30 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013/08/17 01:21:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions [2013/08/17 01:21:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/08/17 01:21:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2013/06/09 00:53:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-1328410469-2961649627-3447246624-1000..\Run: [Pidgin] C:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community) O4 - HKU\S-1-5-21-1328410469-2961649627-3447246624-1000..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1328410469-2961649627-3447246624-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1328410469-2961649627-3447246624-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C896131E-03B6-469E-8E0E-51F03BAFF4A6}: DhcpNameServer = 194.168.4.100 194.168.8.100 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/08/22 17:21:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013/08/22 17:02:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel [2013/08/18 12:01:31 | 000,000,000 | ---D | C] -- C:\Users\Shu\Desktop\graph theory [2013/08/17 16:32:19 | 000,000,000 | ---D | C] -- C:\Users\Shu\Desktop\ucl timetable [2013/08/17 01:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013/08/17 01:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/08/15 15:00:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013/08/15 14:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable) [2013/08/15 14:13:01 | 000,000,000 | ---D | C] -- C:\Users\Shu\Desktop\mbar [2013/08/15 01:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2013/08/11 18:08:15 | 000,000,000 | ---D | C] -- C:\Users\Shu\Desktop\combinatorial 2009 c morgan [2013/08/10 02:11:19 | 000,000,000 | ---D | C] -- C:\Users\Shu\Desktop\math commutative [2013/08/08 22:45:50 | 000,000,000 | ---D | C] -- C:\Users\Shu\AppData\Local\gtk-2.0 [2013/08/07 16:25:47 | 000,000,000 | ---D | C] -- C:\Users\Shu\Desktop\Futurama season part b [2013/07/31 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Shu\AppData\Roaming\Mp3tag [2013/07/31 22:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag [2013/07/31 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag [2013/07/30 01:18:32 | 000,000,000 | ---D | C] -- C:\Users\Shu\Desktop\Modern Family Season 4 Complete 720p HD [CARG] [2013/07/24 03:01:16 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT ========== Files - Modified Within 30 Days ========== [2013/08/22 23:19:32 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013/08/22 23:19:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013/08/22 21:56:27 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/08/22 21:56:27 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/08/22 21:49:25 | 000,000,888 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013/08/22 21:04:54 | 000,085,349 | ---- | M] () -- C:\Users\Shu\Desktop\IMG_20130822_205643_2.jpg [2013/08/22 17:04:07 | 000,015,898 | ---- | M] () -- C:\windows\SysNative\results.xml [2013/08/22 17:02:47 | 001,666,600 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2013/08/22 17:02:47 | 000,628,460 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2013/08/22 17:02:47 | 000,390,322 | ---- | M] () -- C:\windows\SysNative\prfh0404.dat [2013/08/22 17:02:47 | 000,374,220 | ---- | M] () -- C:\windows\SysNative\prfh0804.dat [2013/08/22 17:02:47 | 000,110,612 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2013/08/22 17:02:47 | 000,108,472 | ---- | M] () -- C:\windows\SysNative\prfc0804.dat [2013/08/22 17:02:47 | 000,103,558 | ---- | M] () -- C:\windows\SysNative\prfc0404.dat [2013/08/21 02:56:28 | 012,952,540 | ---- | M] () -- C:\Users\Shu\Desktop\3503 Graph Theory and Combinatorics Notes edited.pdf [2013/08/17 01:33:03 | 000,002,243 | ---- | M] () -- C:\Users\Shu\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/08/17 01:24:53 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013/08/09 03:00:01 | 000,000,218 | ---- | M] () -- C:\Users\Shu\.recently-used.xbel [2013/08/05 22:12:51 | 055,650,809 | ---- | M] () -- C:\Users\Shu\Desktop\Listening to Music - C.Wright - 6th Ed.pdf [2013/08/04 19:56:18 | 000,718,125 | ---- | M] () -- C:\Users\Shu\Desktop\nibblerpattern.pdf [2013/07/31 22:24:18 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk [2013/07/30 01:16:39 | 000,000,851 | ---- | M] () -- C:\Users\Shu\Desktop\Modern Family S4 - Shortcut.lnk [2013/07/26 14:03:49 | 000,000,840 | ---- | M] () -- C:\Users\Shu\Desktop\Paper Chase - Shortcut.lnk ========== Files Created - No Company Name ========== [2013/08/22 21:03:46 | 000,085,349 | ---- | C] () -- C:\Users\Shu\Desktop\IMG_20130822_205643_2.jpg [2013/08/17 01:24:53 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013/08/11 18:21:37 | 012,952,540 | ---- | C] () -- C:\Users\Shu\Desktop\3503 Graph Theory and Combinatorics Notes edited.pdf [2013/08/09 03:00:01 | 000,000,218 | ---- | C] () -- C:\Users\Shu\.recently-used.xbel [2013/08/05 21:55:21 | 055,650,809 | ---- | C] () -- C:\Users\Shu\Desktop\Listening to Music - C.Wright - 6th Ed.pdf [2013/08/04 19:56:18 | 000,718,125 | ---- | C] () -- C:\Users\Shu\Desktop\nibblerpattern.pdf [2013/07/31 22:24:18 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk [2013/07/30 01:16:39 | 000,000,851 | ---- | C] () -- C:\Users\Shu\Desktop\Modern Family S4 - Shortcut.lnk [2013/07/26 14:03:49 | 000,000,840 | ---- | C] () -- C:\Users\Shu\Desktop\Paper Chase - Shortcut.lnk [2013/06/30 17:36:55 | 000,532,480 | ---- | C] () -- C:\windows\SysWow64\CddbPlaylist2Sony.dll [2013/06/16 17:15:56 | 000,032,248 | ---- | C] () -- C:\Users\Shu\AppData\Local\WiDiSetupLog.20130616.171556.wdl [2013/03/08 19:06:46 | 000,963,452 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin [2013/03/08 19:06:46 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin [2012/02/06 00:53:14 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll [2012/02/06 00:53:10 | 013,904,384 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll [2012/01/10 14:27:24 | 000,963,884 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin [2012/01/10 14:27:24 | 000,221,264 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin [2011/12/27 09:08:15 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe [2011/12/27 08:23:37 | 000,002,626 | ---- | C] () -- C:\windows\HotFixList.ini [2011/12/02 03:27:59 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin ========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 06:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/08/22 23:35:36 | 000,000,000 | ---D | M] -- C:\Users\Shu\AppData\Roaming\.purple [2013/08/20 20:41:38 | 000,000,000 | ---D | M] -- C:\Users\Shu\AppData\Roaming\Dropbox [2013/07/31 22:26:04 | 000,000,000 | ---D | M] -- C:\Users\Shu\AppData\Roaming\Mp3tag [2013/07/19 23:20:14 | 000,000,000 | ---D | M] -- C:\Users\Shu\AppData\Roaming\Spotify [2013/06/16 17:13:00 | 000,000,000 | ---D | M] -- C:\Users\Shu\AppData\Roaming\SystemRequirementsLab [2013/08/09 15:21:30 | 000,000,000 | ---D | M] -- C:\Users\Shu\AppData\Roaming\tixati [2013/06/12 01:45:07 | 000,000,000 | ---D | M] -- C:\Users\Shu\AppData\Roaming\WinPatrol ========== Purity Check ========== < End of report > OTL Extras logfile created on: 22/08/2013 23:28:19 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shu\Desktop\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.90 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 34.22% Memory free 7.79 Gb Paging File | 4.79 Gb Available in Paging File | 61.46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 162.68 Gb Total Space | 111.70 Gb Free Space | 68.66% Space Free | Partition Type: NTFS Drive D: | 283.51 Gb Total Space | 69.58 Gb Free Space | 24.54% Space Free | Partition Type: NTFS Computer Name: SHU-PC | User Name: Shu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1328410469-2961649627-3447246624-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1918516B-77BC-4DB5-ACB9-EA57EE961CED}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{91B755A6-F2A9-42F4-8B88-B83D2EC18132}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{C70D1D0B-5DBF-44D0-97C7-2BDAAAC6EED5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0C4250AA-DD59-4E25-B528-3BE64052040D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{0E0038A8-8342-4572-A138-67EA5F876FD9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{319EA64A-FB0D-4D97-B8FC-CB70C21E3EAC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{331E1E20-5900-4404-94E5-3BAC456D65A2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{394CCB03-82B6-4C33-A852-7483D1F32FBC}" = protocol=17 | dir=in | app=c:\users\shu\appdata\roaming\spotify\spotify.exe | "{423B16DD-0465-4EBA-B827-19F51ECA0B5A}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{4E65BD2E-0AB1-4601-A619-E01461B3604E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{567C226A-CD1F-412E-BFE4-F23E1E600C85}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{5732D8F0-00EB-42FF-A589-831E9163F9C2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{606E07B6-403D-458B-BA30-0EFCD900BE35}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe | "{67091253-552F-4421-BDF9-04C8387CEE27}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{67D297B7-DA3D-4ABF-A1FD-1A25B7082F5E}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | "{7504EF9F-7C3C-48A8-8B08-9803D01A7052}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | "{79306EDC-DAF1-4E86-A67A-80E93EFB4596}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{8FCC8F8F-A9EC-4BE8-B2CD-2C560750B399}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{90FC910B-40F6-4311-A04A-634480EDACBD}" = protocol=6 | dir=in | app=c:\users\shu\appdata\roaming\spotify\spotify.exe | "{A30A2DB4-0D5E-493E-888B-BD648210A1C6}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{A3660817-1106-4DA0-A0F4-C449B864FD2E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{B8D51F80-4257-4888-BA1C-40AEA9E062B0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BB93E61E-3EC1-4016-A0B5-908E5BEA1283}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{C713C5A1-7255-46D5-884D-240FF53B45E2}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{C73A7912-360B-4252-8A93-4AD90408E7A7}" = protocol=17 | dir=in | app=c:\users\shu\appdata\roaming\dropbox\bin\dropbox.exe | "{D6E45790-33BE-4FFE-9755-41A798401E3F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{F294F224-5E97-4C73-BD1E-1548027D35C8}" = protocol=6 | dir=in | app=c:\users\shu\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{0BF1E004-06F8-4351-8803-5F26ABE9282A}C:\program files\tixati\tixati.exe" = protocol=6 | dir=in | app=c:\program files\tixati\tixati.exe | "TCP Query User{117F124B-5D2A-495F-8B64-74441711C097}C:\users\shu\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\shu\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{D3EBA4BC-8553-4B66-8EBF-38FD140F9AFF}C:\program files (x86)\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe | "UDP Query User{B74ADD7F-206D-468A-89CF-0047300C5535}C:\program files\tixati\tixati.exe" = protocol=17 | dir=in | app=c:\program files\tixati\tixati.exe | "UDP Query User{DD9F9461-6AA7-4FB8-81F0-8979B7D5201E}C:\program files (x86)\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe | "UDP Query User{F70E95A0-FD00-41F4-8092-3231880C5211}C:\users\shu\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\shu\appdata\roaming\dropbox\bin\dropbox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX510_series" = Canon MX510 series MP Drivers "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1EAE3FBF-E39F-4B65-ACEE-560A16CD1F44}" = Intel® PROSet/Wireless WiFi Software Driver "{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display "{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}" = Intel® PROSet/Wireless Software for Bluetooth® Technology "{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}" = ExpressCache "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}" = WinPatrol "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{62E7C369-64FF-452C-8F46-6BE9B77FF097}" = Intel® WiDi "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{75AA90DC-1E08-472E-863A-65D661AE0F9C}" = S Agent "{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources "{B0169FD6-8590-451E-AEFF-A6253C0A850C}" = Intel® PROSet/Wireless for Bluetooth® + High Speed "{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E7EBB2A5-8C76-4C16-95A3-2FC74BEDE270}" = Intel® PROSet/Wireless WiFi Software "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "CCleaner" = CCleaner "Elantech" = ETDWare PS/2-X64 10.7.17.5_WHQL "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{12F81925-F3C1-40DB-91F7-777817974319}" = Easy File Share "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5 "{16D80FCD-CE38-47E3-BD08-DA14422F8B95}" = Fast Flash Sleep Resume "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Settings "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger "{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack "{387B63A5-5016-1015-B06B-A9A1030E3125}" = Intel® Identity Protection Technology 1.2.22.0 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{411B07C7-9307-4AA7-932E-CB506E4CF3A3}" = SW Update "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources "{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{89704656-98FA-4EB0-9CC9-9C9839255FA0}" = Intel® Update Manager "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) "{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration "{B750B5C2-CC17-4967-905B-29F4EB986131}" = Software Launcher "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE256D8B-D971-456D-BC02-CB64DA24F115}" = Easy Software Manager "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{e6d17d96-ddaa-476f-bb07-db601024ffb1}" = Intel® PROSet/Wireless Software "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Easy Support Center 1.0 "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "3D073343-CEEB-4ce7-85AC-A69A7631B5D6" = Intel® Rapid Start Technology "7-Zip" = 7-Zip 9.20 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "Canon MX510 series On-screen Manual" = Canon MX510 series On-screen Manual "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "Guitar Pro 5_is1" = Guitar Pro 5.2 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mp3tag" = Mp3tag v2.57 "Pidgin" = Pidgin "tixati" = Tixati "VLC media player" = VLC media player 2.0.8 "WinLiveSuite" = Windows Live 程式集 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1328410469-2961649627-3447246624-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 22/08/2013 12:23:52 | Computer Name = Shu-PC | Source = WinMgmt | ID = 10 Description = Error - 22/08/2013 12:23:58 | Computer Name = Shu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: ExpressCacheRun64.exe, version: 1.0.0.2, time stamp: 0x4df608c1 Faulting module name: ecapi64.dll, version: 1.0.46.0, time stamp: 0x4ddeea46 Exception code: 0xc0000409 Fault offset: 0x0000000000001ae7 Faulting process id: 0x1028 Faulting application start time: 0x01ce9f5400bf3923 Faulting application path: C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\ExpressCacheRun64.exe Faulting module path: C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\ecapi64.dll Report Id: 3eeeafb2-0b47-11e3-b2cf-00dbdf09cb57 Error - 22/08/2013 16:49:19 | Computer Name = Shu-PC | Source = WinMgmt | ID = 10 Description = Error - 22/08/2013 16:49:27 | Computer Name = Shu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: ZeroConfigService.exe, version: 15.8.0.0, time stamp: 0x51709701 Faulting module name: MurocApi.dll, version: 15.8.0.0, time stamp: 0x5170961c Exception code: 0xc0000005 Fault offset: 0x0000000000026990 Faulting process id: 0x83c Faulting application start time: 0x01ce9f790ea9e006 Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\MurocApi.dll Report Id: 54f767e5-0b6c-11e3-8922-00dbdf09cb57 Error - 22/08/2013 16:49:36 | Computer Name = Shu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: ExpressCacheRun64.exe, version: 1.0.0.2, time stamp: 0x4df608c1 Faulting module name: ecapi64.dll, version: 1.0.46.0, time stamp: 0x4ddeea46 Exception code: 0xc0000409 Fault offset: 0x0000000000001ae7 Faulting process id: 0xcd0 Faulting application start time: 0x01ce9f791bb32947 Faulting application path: C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\ExpressCacheRun64.exe Faulting module path: C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\ecapi64.dll Report Id: 5a574343-0b6c-11e3-8922-00dbdf09cb57 [ System Events ] Error - 22/08/2013 12:23:50 | Computer Name = Shu-PC | Source = Service Control Manager | ID = 7000 Description = The SW Update Service service failed to start due to the following error: %%2 Error - 22/08/2013 12:23:50 | Computer Name = Shu-PC | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: cdrom Error - 22/08/2013 12:24:57 | Computer Name = Shu-PC | Source = DCOM | ID = 10016 Description = Error - 22/08/2013 16:49:12 | Computer Name = Shu-PC | Source = Service Control Manager | ID = 7000 Description = The SW Update Service service failed to start due to the following error: %%2 Error - 22/08/2013 16:49:17 | Computer Name = Shu-PC | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: cdrom Error - 22/08/2013 16:49:34 | Computer Name = Shu-PC | Source = Service Control Manager | ID = 7034 Description = The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s). Error - 22/08/2013 16:50:25 | Computer Name = Shu-PC | Source = DCOM | ID = 10016 Description = < End of report >
  5. Hi, thanks for the quick reply! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.4 (08.22.2013:1) OS: Windows 7 Home Premium x64 Ran by Shu on 22/08/2013 at 17:06:34.32 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Shu\AppData\Roaming\mozilla\firefox\profiles\qa1rbie7.default\minidumps [6 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 22/08/2013 at 17:19:21.81 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v3.000 - Report created 22/08/2013 at 17:22:47 # Updated 20/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Shu - SHU-PC # Running from : C:\Users\Shu\Desktop\Downloads\AdwCleaner(1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\InstallMate ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16502 -\\ Mozilla Firefox v23.0.1 (en-US) [ File : C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\prefs.js ] -\\ Google Chrome v28.0.1500.95 [ File : C:\Users\Shu\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [940 octets] - [22/08/2013 17:21:51] AdwCleaner[s0].txt - [866 octets] - [22/08/2013 17:22:47] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [925 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.22.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Shu :: SHU-PC [administrator] 22/08/2013 17:25:48 mbam-log-2013-08-22 (17-25-48).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 226249 Time elapsed: 3 minute(s), 50 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  6. I've been having problems with antivirus scanners detecting toolbar viruses/adware. I delete them and they seem to come back. A few days ago I ran scans using Malwarebytes, Avast, ESET online scanner and everything was clean. I ran a quick scan with Malwarebytes today and this was detected: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> No action taken. DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.25.2 Run by Shu at 16:33:18 on 2013-08-22 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3990.902 [GMT 1:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\windows\system32\WLANExt.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe C:\windows\SysWOW64\irstrtsv.exe C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\System32\svchost.exe -k secsvcs C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe C:\windows\system32\wbem\unsecapp.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\taskhost.exe C:\windows\system32\svchost.exe -k bthsvcs C:\windows\Explorer.EXE C:\windows\system32\Dwm.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\system32\taskeng.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\windows\system32\SearchIndexer.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Pidgin\pidgin.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe C:\windows\system32\igfxext.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Program Files\Samsung\S Agent\CommonAgent.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe C:\windows\servicing\TrustedInstaller.exe C:\windows\system32\sppsvc.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [Pidgin] C:\Program Files (x86)\Pidgin\pidgin.exe uRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{C896131E-03B6-469E-8E0E-51F03BAFF4A6} : DHCPNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{C896131E-03B6-469E-8E0E-51F03BAFF4A6}\4514C4B44514C4B4D2131323039383 : DHCPNameServer = 192.168.1.1 192.168.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /S3HpProtect x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\qa1rbie7.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-6-8 65336] R0 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-6-8 189936] R0 excsd;ExpressCache Storage Filter Driver;C:\windows\System32\drivers\excsd.sys [2013-6-8 95024] R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2013-6-30 52760] R0 stdflt;Disk Filter Driver for Accelerometer;C:\windows\System32\drivers\stdflt.sys [2011-12-27 19504] R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-6-8 1030952] R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-6-8 378944] R1 excfs;ExpressCache File System Filter Driver;C:\windows\System32\drivers\excfs.sys [2013-6-8 23344] R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-12-27 13824] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-4-11 772064] R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-6-8 33400] R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-6-8 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-6-8 46808] R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984] R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-3-30 79664] R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2011-12-27 60928] R2 irstrtsv;Intel® Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2011-12-27 184320] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-9-28 212944] R2 SGDrv;SGDrv;C:\windows\System32\drivers\SGDrv64.sys [2011-12-27 7680] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-27 2656536] R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-4-18 3388144] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2013-4-11 164832] R3 asmthub3;ASMedia USB3 Hub Service;C:\windows\System32\drivers\asmthub3.sys [2011-6-2 128488] R3 asmtxhci;ASMEDIA XHCI Service;C:\windows\System32\drivers\asmtxhci.sys [2011-6-2 401896] R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-8-29 53760] R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-10-10 288768] R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216] R3 ETD;Samsung PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-6-7 293712] R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-6-16 169752] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2013-3-12 342528] R3 irstrtdv;Intel® Rapid Start Technology Driver;C:\windows\System32\drivers\irstrtdv.sys [2011-12-2 26504] R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2013-1-28 25528] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-12-27 533096] R3 usb3Hub;Intel UoIP Bus;C:\windows\System32\drivers\usb3Hub.sys [2013-1-28 48024] R3 XHCIPort;Intel UoIP Host Controller;C:\windows\System32\drivers\xHCIPort.sys [2013-1-28 194456] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SWUpdateService;SW Update Service;C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe /SERVICE --> C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [?] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\windows\System32\drivers\AmpPal.sys [2013-4-11 164832] S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2013-1-28 35256] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-4-18 273136] S3 NETMD760;Net MD;C:\windows\System32\drivers\NETMD760.sys [2010-5-27 19456] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-6-8 19456] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-6-8 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-6-8 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-6-8 1255736] S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-14 25088] S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272] S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064] S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-08-22 01:45:47 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-08-22 01:45:46 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-08-20 12:47:11 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B3249408-AC6C-4282-8D00-BDFCF98860AC}\mpengine.dll 2013-08-15 13:14:26 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-08-15 02:28:17 2048 ----a-w- C:\windows\SysWow64\tzres.dll 2013-08-15 02:28:17 2048 ----a-w- C:\windows\System32\tzres.dll 2013-08-15 02:26:53 39936 ----a-w- C:\windows\System32\drivers\tssecsrv.sys 2013-08-15 02:26:44 1910208 ----a-w- C:\windows\System32\drivers\tcpip.sys 2013-08-15 00:19:27 -------- d-----w- C:\Program Files (x86)\ESET 2013-08-08 21:45:50 -------- d-----w- C:\Users\Shu\AppData\Local\gtk-2.0 2013-07-31 21:25:10 -------- d-----w- C:\Users\Shu\AppData\Roaming\Mp3tag 2013-07-31 21:24:16 -------- d-----w- C:\Program Files (x86)\Mp3tag 2013-07-24 02:01:16 -------- d-----w- C:\windows\System32\MRT . ==================== Find3M ==================== . 2013-07-25 09:25:54 1888768 ----a-w- C:\windows\System32\WMVDECOD.DLL 2013-07-25 08:57:27 1620992 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL 2013-07-25 03:37:25 2312704 ----a-w- C:\windows\System32\jscript9.dll 2013-07-25 03:30:49 1392128 ----a-w- C:\windows\System32\wininet.dll 2013-07-25 03:29:41 1494528 ----a-w- C:\windows\System32\inetcpl.cpl 2013-07-25 03:28:46 173056 ----a-w- C:\windows\System32\ieUnatt.exe 2013-07-25 03:28:31 599040 ----a-w- C:\windows\System32\vbscript.dll 2013-07-25 03:27:20 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2013-07-25 02:32:35 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll 2013-07-25 02:26:10 1129472 ----a-w- C:\windows\SysWow64\wininet.dll 2013-07-25 02:25:30 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2013-07-25 02:23:59 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2013-07-25 02:23:58 420864 ----a-w- C:\windows\SysWow64\vbscript.dll 2013-07-25 02:22:35 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2013-07-09 06:03:30 5550528 ----a-w- C:\windows\System32\ntoskrnl.exe 2013-07-09 05:54:22 1732032 ----a-w- C:\windows\System32\ntdll.dll 2013-07-09 05:53:12 243712 ----a-w- C:\windows\System32\wow64.dll 2013-07-09 05:52:52 224256 ----a-w- C:\windows\System32\wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:\windows\System32\rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:\windows\System32\cryptsvc.dll 2013-07-09 05:46:20 1472512 ----a-w- C:\windows\System32\crypt32.dll 2013-07-09 05:46:20 139776 ----a-w- C:\windows\System32\cryptnet.dll 2013-07-09 05:03:34 3968960 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-07-09 05:03:34 3913664 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-07-09 04:53:47 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll 2013-07-09 04:52:33 663552 ----a-w- C:\windows\SysWow64\rpcrt4.dll 2013-07-09 04:52:33 5120 ----a-w- C:\windows\SysWow64\wow32.dll 2013-07-09 04:52:10 175104 ----a-w- C:\windows\SysWow64\wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:\windows\SysWow64\crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll 2013-07-09 04:45:07 44032 ----a-w- C:\windows\apppatch\acwow64.dll 2013-07-09 02:49:42 25600 ----a-w- C:\windows\SysWow64\setup16.exe 2013-07-09 02:49:41 7680 ----a-w- C:\windows\SysWow64\instnm.exe 2013-07-09 02:49:39 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll 2013-07-09 02:49:38 2048 ----a-w- C:\windows\SysWow64\user.exe 2013-06-30 16:11:15 19456 ----a-w- C:\windows\System32\drivers\NETMD760.sys 2013-06-29 21:22:39 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-29 21:22:37 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll 2013-06-29 21:22:37 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll 2013-06-27 20:44:31 189936 ----a-w- C:\windows\System32\drivers\aswVmm.sys 2013-06-27 20:44:31 1030952 ----a-w- C:\windows\System32\drivers\aswSnx.sys 2013-06-05 03:34:27 3153920 ----a-w- C:\windows\System32\win32k.sys 2013-06-05 00:51:33 90112 ----a-w- C:\windows\System32\igfxCoIn_v2622.dll 2013-06-05 00:51:31 963884 ----a-w- C:\windows\SysWow64\igkrng600.bin 2013-06-05 00:51:31 963884 ----a-w- C:\windows\System32\igkrng600.bin 2013-06-05 00:51:21 221264 ----a-w- C:\windows\SysWow64\igfcg600m.bin 2013-06-05 00:51:21 221264 ----a-w- C:\windows\System32\igfcg600m.bin 2013-06-05 00:51:20 581120 ----a-w- C:\windows\SysWow64\igdumdx32.dll 2013-06-05 00:40:09 293712 ----a-w- C:\windows\System32\drivers\ETD.sys 2013-06-05 00:39:03 8192 ----a-w- C:\windows\System32\drivers\IntelMEFWVer.dll 2013-06-04 06:00:13 624128 ----a-w- C:\windows\System32\qedit.dll 2013-06-04 04:53:07 509440 ----a-w- C:\windows\SysWow64\qedit.dll . ============= FINISH: 16:33:45.52 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 08/06/2013 18:19:48 System Uptime: 22/08/2013 16:15:15 (0 hours ago) . Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | 530U3BI/530U4BI/530U4BH Processor: Intel® Core i3-2367M CPU @ 1.40GHz | CPU | 1400/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 163 GiB total, 112.31 GiB free. D: is FIXED (NTFS) - 284 GiB total, 69.584 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP71: 20/08/2013 13:46:26 - Windows Update . ==== Installed Programs ====================== . 7-Zip 9.20 Accelerometer Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.03) Apple Application Support Apple Mobile Device Support Apple Software Update Asmedia ASM104x USB 3.0 Host Controller Driver avast! Free Antivirus Bonjour Canon MX510 series MP Drivers Canon MX510 series On-screen Manual CCleaner Core Temp version 0.99.8 CyberLink YouCam D3DX10 Dropbox Easy File Share Easy Migration Easy Settings Easy Software Manager Easy Support Center 1.0 ESET Online Scanner v3 ETDWare PS/2-X64 10.7.17.5_WHQL ExpressCache Fast Flash Sleep Resume Google Chrome Google Update Helper Guitar Pro 5.2 Intel® Control Center Intel® Identity Protection Technology 1.2.22.0 Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless for Bluetooth® + High Speed Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® PROSet/Wireless WiFi Software Driver Intel® Rapid Start Technology Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® Update Manager Intel® WiDi Intel® Wireless Display Intel® PROSet/Wireless Software Intel® PROSet/Wireless WiFi Software iTunes Java 7 Update 25 Java Auto Updater Junk Mail filter update Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 23.0.1 (x86 en-US) Mozilla Maintenance Service Mp3tag v2.57 MSVCRT MSVCRT_amd64 OpenMG Secure Module 5.0.00 PDF Split And Merge Basic Pidgin Realtek Ethernet Controller Driver Realtek High Definition Audio Driver S Agent Samsung Recovery Solution 5 Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Skype™ 5.10 Software Launcher SonicStage 4.3 Spotify SW Update System Requirements Lab for Intel Tixati Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) User Guide VLC media player 2.0.8 Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinPatrol . ==== Event Viewer Messages From Past Week ======== . 22/08/2013 16:19:50, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. 22/08/2013 13:48:02, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 22/08/2013 13:46:57, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom 22/08/2013 13:46:45, Error: Service Control Manager [7000] - The SW Update Service service failed to start due to the following error: The system cannot find the file specified. 20/08/2013 16:00:28, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{C896131E-03B6-469E-8E0E-51F03BAFF4A6} because another computer on the network has the same name. The server could not start. 20/08/2013 16:00:28, Error: NetBT [4321] - The name "SHU-PC :20" could not be registered on the interface with IP address 192.168.0.2. The computer with the IP address 192.168.0.4 did not allow the name to be claimed by this computer. 20/08/2013 16:00:28, Error: NetBT [4321] - The name "SHU-PC :0" could not be registered on the interface with IP address 192.168.0.2. The computer with the IP address 192.168.0.4 did not allow the name to be claimed by this computer. 20/08/2013 02:56:13, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 20/08/2013 01:36:18, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 19/08/2013 15:17:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service BBUpdate with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} 19/08/2013 15:17:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the BBUpdate service to connect. 19/08/2013 15:17:17, Error: Service Control Manager [7000] - The BBUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.